收藏本站 |切换到宽版 | 更换论坛皮肤
 找回密码  忘记邮箱  QQ快速登录  快速登录  快速注册

卡饭»论坛 安全区 病毒样本 分享&分析区 More [三十几个]
12
返回列表 发新帖
楼主: FBAV
 收起左侧

[病毒样本] More [三十几个]

[复制链接]
promised
发表于 2007-9-21 22:17:59 | 显示全部楼层
C:\ABC\新建文件夹\新建文件夹\1.exe - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
C:\ABC\新建文件夹\新建文件夹\10.exe - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
C:\ABC\新建文件夹\新建文件夹\11.exe - 特征码 'Trojan-Spy.Win32.Bancos.ha' 被发现
C:\ABC\新建文件夹\新建文件夹\12(1).exe - 特征码 'Trojan-Spy.Win32.Bancos.ha' 被发现
C:\ABC\新建文件夹\新建文件夹\12.exe.td - 特征码 'Trojan-Spy.Win32.Bancos.ha' 被发现
C:\ABC\新建文件夹\新建文件夹\13.exe - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
C:\ABC\新建文件夹\新建文件夹\14.exe - 特征码 'Trojan-PWS.Win32.OnLineGames.wp' 被发现
C:\ABC\新建文件夹\新建文件夹\15.exe - 特征码 'Trojan-PWS.Win32.OnLineGames.wp' 被发现
C:\ABC\新建文件夹\新建文件夹\2.exe - 特征码 'Trojan-PWS.Win32.OnLineGames.ddm' 被发现
C:\ABC\新建文件夹\新建文件夹\3.exe - 特征码 'Trojan-Dropper.Win32.Agent.ane' 被发现
C:\ABC\新建文件夹\新建文件夹\4.exe - 特征码 'Trojan-Dropper.Win32.Agent.ane' 被发现
C:\ABC\新建文件夹\新建文件夹\5.exe - 特征码 'Trojan-Spy.Win32.Bancos.ha' 被发现
C:\ABC\新建文件夹\新建文件夹\6.exe - 特征码 'Trojan-Spy.Win32.Bancos.ha' 被发现
C:\ABC\新建文件夹\新建文件夹\7.exe - 特征码 'Trojan-Spy.Win32.Bancos.ha' 被发现
C:\ABC\新建文件夹\新建文件夹\8.exe - 特征码 'Trojan-Spy.Win32.Bancos.ha' 被发现
C:\ABC\新建文件夹\新建文件夹\9.exe - 特征码 'Trojan-Spy.Win32.Bancos.ha' 被发现
C:\ABC\新建文件夹\新建文件夹\dahua.exe - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
C:\ABC\新建文件夹\新建文件夹\huaxia.exe - 特征码 'Trojan-Spy.Win32.Bancos.ha' 被发现
C:\ABC\新建文件夹\新建文件夹\jianghu.exe - 特征码 'Trojan-Spy.Win32.Bancos.ha' 被发现
C:\ABC\新建文件夹\新建文件夹\jizhan.exe - 特征码 'Trojan-Spy.Win32.Bancos.ha' 被发现
C:\ABC\新建文件夹\新建文件夹\menghuan.exe - 特征码 'Trojan-Spy.Win32.Bancos.ha' 被发现
C:\ABC\新建文件夹\新建文件夹\menghuan1.exe - 特征码 'Trojan-Spy.Win32.Bancos.ha' 被发现
C:\ABC\新建文件夹\新建文件夹\moyu.exe - 特征码 'Trojan-PWS.Win32.OnLineGames.wp' 被发现
C:\ABC\新建文件夹\新建文件夹\ms.exe - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
C:\ABC\新建文件夹\新建文件夹\potian.exe - 特征码 'Trojan-Spy.Win32.Bancos.ha' 被发现
C:\ABC\新建文件夹\新建文件夹\qiji.exe - 特征码 'Trojan-Dropper.Win32.Agent.ane' 被发现
C:\ABC\新建文件夹\新建文件夹\tianlong.exe - 特征码 'Trojan-Spy.Win32.Bancos.ha' 被发现
C:\ABC\新建文件夹\新建文件夹\wanmei.exe - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
C:\ABC\新建文件夹\新建文件夹\wendao.exe - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
C:\ABC\新建文件夹\新建文件夹\wulin.exe - 特征码 'Trojan-Spy.Win32.Bancos.ha' 被发现
C:\ABC\新建文件夹\新建文件夹\zhengtu.exe - 特征码 'Trojan-Downloader.Win32.Zlob.and' 被发现
C:\ABC\新建文件夹\新建文件夹\zhuxian.exe - 特征码 'Trojan-Spy.Win32.Bancos.ha' 被发现

        35 文件被扫描
          (0 压缩档 0 文件)
        32 特征码被侦测
        0 可疑代码段被发现
回复

举报

mofunzone
发表于 2007-9-21 23:02:02 | 显示全部楼层
Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\My Documents\新建文件夹'
C:\Documents and Settings\Administrator\My Documents\新建文件夹\
  1.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineG.TF.1
      [INFO]      The file was deleted!
  10.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.ddu
      [INFO]      The file was deleted!
  11.exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [INFO]      The file was moved to '4721dd11.qua'!
  12(1).exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.dgn.2
      [INFO]      The file was deleted!
  12.exe.td
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.dgn.2
      [INFO]      The file was deleted!
  13.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [INFO]      The file was deleted!
  14.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [INFO]      The file was deleted!
  15.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
      [INFO]      The file was deleted!
  2.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLine.ddm.2
      [INFO]      The file was deleted!
  3.exe
      [DETECTION] Is the Trojan horse TR/PSW.Delf.ach
      [INFO]      The file was deleted!
  4.exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [INFO]      The file was moved to '4758dd0e.qua'!
  5.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.dgn.1
      [INFO]      The file was deleted!
  6.exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [INFO]      The file was moved to '46f84d2f.qua'!
  7.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.dfs
      [INFO]      The file was deleted!
  8.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.ddp
      [INFO]      The file was deleted!
  9.exe
      [DETECTION] Is the Trojan horse TR/Agent.12029
      [INFO]      The file was deleted!
  dahua.exe
      [DETECTION] Is the Trojan horse TR/Hijack.Explor.4189
      [INFO]      The file was deleted!
  huaxia.exe
      [DETECTION] Is the Trojan horse TR/Agent.12029
      [INFO]      The file was deleted!
  jianghu.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.dem.1
      [INFO]      The file was deleted!
  jizhan.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.dgn.2
      [INFO]      The file was deleted!
  menghuan.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.dec
      [INFO]      The file was deleted!
  menghuan1.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.dec
      [INFO]      The file was deleted!
  moyu.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
      [INFO]      The file was deleted!
  ms.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineG.TF.1
      [INFO]      The file was deleted!
  potian.exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [INFO]      The file was moved to '4767dd4f.qua'!
  qiji.exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [INFO]      The file was moved to '475ddd49.qua'!
  tianlong.exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [INFO]      The file was moved to '4754dd49.qua'!
  wanmei.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.dei
      [INFO]      The file was deleted!
  wendao.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineG.TF.1
      [INFO]      The file was deleted!
  wulin.exe
      [DETECTION] Is the Trojan horse TR/Drop.Agent.bxi
      [INFO]      The file was deleted!
  zhengtu.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineG.TF.1
      [INFO]      The file was deleted!
  zhuxian.exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [INFO]      The file was moved to '4768dd48.qua'!


End of the scan: 2007年9月21日  08:01
Used time: 00:04 min

The scan has been done completely.

      1 Scanning directories
     32 Files were scanned
     25 viruses and/or unwanted programs were found
      7 Files were classified as suspicious:
     25 files were deleted
      0 files were repaired
      7 files were moved to quarantine
      0 files were renamed
      0 Files cannot be scanned
      7 Files not concerned
      0 Archives were scanned
      0 Warnings
      0 Notes
回复

举报

scottxzt
发表于 2007-9-22 10:55:53 | 显示全部楼层
Begin scan in 'C:\Documents and Settings\dell\桌面\新建文件夹.rar'
C:\Documents and Settings\dell\桌面\新建文件夹.rar
  [0] Archive type: RAR
  --> н¨Îļþ¼Ð\1.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineG.TF.1
  --> н¨Îļþ¼Ð\2.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLine.ddm.2
  --> н¨Îļþ¼Ð\3.exe
      [DETECTION] Is the Trojan horse TR/PSW.Delf.ach
  --> н¨Îļþ¼Ð\4.exe
      [DETECTION] Contains suspicious code HEUR/Malware
  --> н¨Îļþ¼Ð\5.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.dgn.1
  --> н¨Îļþ¼Ð\6.exe
      [DETECTION] Contains suspicious code HEUR/Malware
  --> н¨Îļþ¼Ð\7.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.dfs
  --> н¨Îļþ¼Ð\8.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.ddp
  --> н¨Îļþ¼Ð\9.exe
      [DETECTION] Is the Trojan horse TR/Agent.12029
  --> н¨Îļþ¼Ð\10.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.ddu
  --> н¨Îļþ¼Ð\11.exe
      [DETECTION] Contains suspicious code HEUR/Malware
  --> н¨Îļþ¼Ð\12(1).exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.dgn.2
  --> н¨Îļþ¼Ð\12.exe.td
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.dgn.2
  --> н¨Îļþ¼Ð\13.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> н¨Îļþ¼Ð\14.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> н¨Îļþ¼Ð\15.exe
      [DETECTION] Is the Trojan horse TR/Dropper.Gen
  --> н¨Îļþ¼Ð\dahua.exe
      [DETECTION] Is the Trojan horse TR/Hijack.Explor.4189
  --> н¨Îļþ¼Ð\huaxia.exe
      [DETECTION] Is the Trojan horse TR/Agent.12029
  --> н¨Îļþ¼Ð\jianghu.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.dem.1
  --> н¨Îļþ¼Ð\jizhan.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.dgn.2
  --> н¨Îļþ¼Ð\menghuan1.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.dec
  --> н¨Îļþ¼Ð\menghuan.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.dec
  --> н¨Îļþ¼Ð\moyu.exe
      [DETECTION] Is the Trojan horse TR/Spy.Gen
  --> н¨Îļþ¼Ð\ms.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineG.TF.1
  --> н¨Îļþ¼Ð\potian.exe
      [DETECTION] Contains suspicious code HEUR/Malware
  --> н¨Îļþ¼Ð\qiji.exe
      [DETECTION] Contains suspicious code HEUR/Malware
  --> н¨Îļþ¼Ð\tianlong.exe
      [DETECTION] Contains suspicious code HEUR/Malware
  --> н¨Îļþ¼Ð\wanmei.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineGames.dei
  --> н¨Îļþ¼Ð\wendao.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineG.TF.1
  --> н¨Îļþ¼Ð\wulin.exe
      [DETECTION] Is the Trojan horse TR/Drop.Agent.bxi
  --> н¨Îļþ¼Ð\zhengtu.exe
      [DETECTION] Is the Trojan horse TR/PSW.OnLineG.TF.1
  --> н¨Îļþ¼Ð\zhuxian.exe
      [DETECTION] Contains suspicious code HEUR/Malware
      [WARNING]   The file was ignored!


End of the scan: 2007年9月22日  10:55
Used time: 00:41 min

The scan has been done completely.

      0 Scanning directories
     34 Files were scanned
     25 viruses and/or unwanted programs were found
      7 Files were classified as suspicious:
回复

举报

scottxzt
发表于 2007-9-22 11:07:18 | 显示全部楼层
启发得和没报的全部上报!
回复

举报

残缺的唯美
发表于 2007-9-22 13:56:19 | 显示全部楼层
D:\Documents and Settings\EKINCHENG\桌面\新建文件夹.rar » RAR » 新建文件夹\1.exe - probably a variant of Win32/PSW.OnLineGames.NEP trojan
D:\Documents and Settings\EKINCHENG\桌面\新建文件夹.rar » RAR » 新建文件夹\2.exe - probably a variant of Win32/Genetik trojan
D:\Documents and Settings\EKINCHENG\桌面\新建文件夹.rar » RAR » 新建文件夹\5.exe - probably a variant of Win32/Genetik trojan
D:\Documents and Settings\EKINCHENG\桌面\新建文件夹.rar » RAR » 新建文件夹\6.exe - probably a variant of Win32/Genetik trojan
D:\Documents and Settings\EKINCHENG\桌面\新建文件夹.rar » RAR » 新建文件夹\7.exe - probably a variant of Win32/Genetik trojan
D:\Documents and Settings\EKINCHENG\桌面\新建文件夹.rar » RAR » 新建文件夹\8.exe - probably a variant of Win32/Genetik trojan
D:\Documents and Settings\EKINCHENG\桌面\新建文件夹.rar » RAR » 新建文件夹\9.exe - probably a variant of Win32/Genetik trojan
D:\Documents and Settings\EKINCHENG\桌面\新建文件夹.rar » RAR » 新建文件夹\10.exe - probably a variant of Win32/PSW.OnLineGames.NEP trojan
D:\Documents and Settings\EKINCHENG\桌面\新建文件夹.rar » RAR » 新建文件夹\11.exe - probably a variant of Win32/Genetik trojan
D:\Documents and Settings\EKINCHENG\桌面\新建文件夹.rar » RAR » 新建文件夹\12(1).exe - probably a variant of Win32/Genetik trojan
D:\Documents and Settings\EKINCHENG\桌面\新建文件夹.rar » RAR » 新建文件夹\12.exe.td - probably a variant of Win32/Genetik trojan
D:\Documents and Settings\EKINCHENG\桌面\新建文件夹.rar » RAR » 新建文件夹\14.exe - a variant of Win32/PSW.OnLineGames.YA trojan
D:\Documents and Settings\EKINCHENG\桌面\新建文件夹.rar » RAR » 新建文件夹\15.exe - a variant of Win32/PSW.OnLineGames.YA trojan
D:\Documents and Settings\EKINCHENG\桌面\新建文件夹.rar » RAR » 新建文件夹\dahua.exe - probably a variant of Win32/PSW.OnLineGames.NEP trojan
D:\Documents and Settings\EKINCHENG\桌面\新建文件夹.rar » RAR » 新建文件夹\huaxia.exe - probably a variant of Win32/Genetik trojan
D:\Documents and Settings\EKINCHENG\桌面\新建文件夹.rar » RAR » 新建文件夹\jianghu.exe - probably a variant of Win32/Genetik trojan
D:\Documents and Settings\EKINCHENG\桌面\新建文件夹.rar » RAR » 新建文件夹\jizhan.exe - probably a variant of Win32/Genetik trojan
D:\Documents and Settings\EKINCHENG\桌面\新建文件夹.rar » RAR » 新建文件夹\menghuan1.exe - probably a variant of Win32/Genetik trojan
D:\Documents and Settings\EKINCHENG\桌面\新建文件夹.rar » RAR » 新建文件夹\menghuan.exe - probably a variant of Win32/Genetik trojan
D:\Documents and Settings\EKINCHENG\桌面\新建文件夹.rar » RAR » 新建文件夹\moyu.exe - a variant of Win32/PSW.OnLineGames.YA trojan
D:\Documents and Settings\EKINCHENG\桌面\新建文件夹.rar » RAR » 新建文件夹\ms.exe - probably a variant of Win32/PSW.OnLineGames.NEP trojan
D:\Documents and Settings\EKINCHENG\桌面\新建文件夹.rar » RAR » 新建文件夹\potian.exe - probably a variant of Win32/Genetik trojan
D:\Documents and Settings\EKINCHENG\桌面\新建文件夹.rar » RAR » 新建文件夹\tianlong.exe - probably a variant of Win32/Genetik trojan
D:\Documents and Settings\EKINCHENG\桌面\新建文件夹.rar » RAR » 新建文件夹\wendao.exe - probably a variant of Win32/PSW.OnLineGames.NEP trojan
D:\Documents and Settings\EKINCHENG\桌面\新建文件夹.rar » RAR » 新建文件夹\wulin.exe - probably a variant of Win32/Genetik trojan
D:\Documents and Settings\EKINCHENG\桌面\新建文件夹.rar » RAR » 新建文件夹\zhengtu.exe - probably a variant of Win32/PSW.OnLineGames.NEP trojan
D:\Documents and Settings\EKINCHENG\桌面\新建文件夹.rar » RAR » 新建文件夹\zhuxian.exe - probably a variant of Win32/Genetik trojan
D:\Documents and Settings\EKINCHENG\桌面\新建文件夹.rar - multiple threats - deleted - quarantined
回复

举报

12
返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2024-5-4 13:29 , Processed in 0.099021 second(s), 15 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表